PT-2011-1176 · Gentoo Linux+1 · Quagga+1

Jan Lieskovsky

Published

2011-03-29

Updated

2024-06-15

CVE-2010-1675

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Quagga versions prior to 0.99.20 Quagga versions prior to 0.99.18

Description The issue affects the quagga package in Gentoo Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can be done remotely. Specifically, a malformed AS PATHLIMIT path attribute can cause a denial of service (session reset) in bgpd.

Recommendations For Quagga versions prior to 0.99.20, update to version 0.99.20 or later to resolve the issue. For Quagga versions prior to 0.99.18, update to version 0.99.18 or later to prevent a denial of service (session reset) via a malformed AS PATHLIMIT path attribute.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

BDU:2015-09430

CVE-2010-1675

DSA-2197-1

OPENSUSE-SU-2024:10362-1

RHSA-2011:0406

RHSA-2011_0406

Affected Products

Quagga

Red Hat

PT-2011-1176 · Gentoo Linux+1 · Quagga+1

CVE-2010-1675

Weakness Enumeration

Related Identifiers

Affected Products

References · 27